CVSS: 5.3EPSS: 1%CPEs: 31EXPL: 0CVE-2024-9398 – firefox: thunderbird: External protocol handlers could be enumerated via popups
https://notcve.org/view.php?id=CVE-2024-9398
01 Oct 2024 — By checking the result of calls to `window.open` with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handler is installed. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. The Mozilla Foundation's Security Advisory: By checking the result of calls to window.open with specifically set protocol handlers, an attacker could determine if the application which implements that protocol handl... • https://bugzilla.mozilla.org/show_bug.cgi?id=1881037 • CWE-203: Observable Discrepancy •
CVSS: 6.4EPSS: 0%CPEs: 31EXPL: 0CVE-2024-9397 – firefox: thunderbird: Potential directory upload bypass via clickjacking
https://notcve.org/view.php?id=CVE-2024-9397
01 Oct 2024 — A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: A missing delay in directory upload UI could have made it possible for an attacker to trick a user into granting permission via clickjacking. Multiple security... • https://bugzilla.mozilla.org/show_bug.cgi?id=1916659 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 32EXPL: 0CVE-2024-9396 – firefox: thunderbird: Potential memory corruption may occur when cloning certain objects
https://notcve.org/view.php?id=CVE-2024-9396
01 Oct 2024 — It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131. A flaw was found in Mozilla. The Mozilla Foundation's Security Advisory describes the issue as follows: It is currently unknown if this issue is exploitable, but a condition may arise where the structured clone of certain objects could lead to mem... • https://bugzilla.mozilla.org/show_bug.cgi?id=1912471 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2024-9394 – firefox: thunderbird: Cross-origin access to JSON contents through multipart responses
https://notcve.org/view.php?id=CVE-2024-9394
01 Oct 2024 — An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://devtools` origin. This could allow them to access cross-origin JSON content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1918874 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 35EXPL: 0CVE-2024-9393 – firefox: thunderbird: Cross-origin access to PDF contents through multipart responses
https://notcve.org/view.php?id=CVE-2024-9393
01 Oct 2024 — An attacker could, via a specially crafted multipart response, execute arbitrary JavaScript under the `resource://pdf.js` origin. This could allow them to access cross-origin PDF content. This access is limited to "same site" documents by the Site Isolation feature on desktop clients, but full cross-origin access is possible on Android versions. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1918301 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-346: Origin Validation Error •
CVSS: 9.8EPSS: 0%CPEs: 34EXPL: 0CVE-2024-9392 – firefox: thunderbird: Compromised content process can bypass site isolation
https://notcve.org/view.php?id=CVE-2024-9392
01 Oct 2024 — A compromised content process could have allowed for the arbitrary loading of cross-origin pages. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. The Mozilla Foundation's Security Advisory: A compromised content process could allow for the arbitrary loading of cross-origin pages. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially ex... • https://bugzilla.mozilla.org/show_bug.cgi?id=1905843 • CWE-346: Origin Validation Error •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-41708
https://notcve.org/view.php?id=CVE-2024-41708
25 Sep 2024 — An issue was discovered in AdaCore ada_web_services 20.0 allows an attacker to escalate privileges and steal sessions via the Random_String() function in the src/core/aws-utils.adb module. • https://docs.adacore.com/corp/security-advisories/SEC.AWS-0040-v2.pdf • CWE-330: Use of Insufficiently Random Values •
CVSS: 7.3EPSS: 0%CPEs: 15EXPL: 0CVE-2024-45817 – x86: Deadlock in vlapic_error()
https://notcve.org/view.php?id=CVE-2024-45817
24 Sep 2024 — In x86's APIC (Advanced Programmable Interrupt Controller) architecture, error conditions are reported in a status register. Furthermore, the OS can opt to receive an interrupt when a new error occurs. It is possible to configure the error interrupt with an illegal vector, which generates an error when an error interrupt is raised. This case causes Xen to recurse through vlapic_error(). The recursion itself is bounded; errors accumulate in the the status register and only generate an interrupt when a new st... • https://xenbits.xenproject.org/xsa/advisory-462.html • CWE-209: Generation of Error Message Containing Sensitive Information •
CVSS: 8.5EPSS: 0%CPEs: 2EXPL: 0CVE-2024-45752
https://notcve.org/view.php?id=CVE-2024-45752
19 Sep 2024 — logiops through 0.3.4, in its default configuration, allows any unprivileged user to configure its logid daemon via an unrestricted D-Bus service, including setting malicious keyboard macros. This allows for privilege escalation with minimal user interaction. • https://bugzilla.suse.com/show_bug.cgi?id=1226598 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 30EXPL: 0CVE-2024-8900 – firefox: Clipboard write permission bypass
https://notcve.org/view.php?id=CVE-2024-8900
17 Sep 2024 — An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129. An attacker could write data to the user's clipboard, bypassing the user prompt, during a certain sequence of navigational events. This vulnerability affects Firefox < 129, Firefox ESR < 128.3, and Thunderbird < 128.3. The Mozilla Foundation's Security Advisory: An attacker could write data to the user's clipboard, bypassing the user pro... • https://bugzilla.mozilla.org/show_bug.cgi?id=1872841 • CWE-732: Incorrect Permission Assignment for Critical Resource •